package org.custom.spring.boot.security.config.security;

import org.cleaver.spring.utils.servlet.ServletUtil;
import org.custom.spring.boot.constant.Code;
import org.custom.spring.boot.constant.Message;
import org.custom.spring.boot.entity.Result;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 处理认证用户的权限异常信息
 *
 * @author LiKun
 * @date 2021/11/8 18:34
 */
@Component
public class HttpAccessDeniedHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException exception) throws IOException {
        exception.printStackTrace();
        ServletUtil.write(new Result<String>(Code.NOT_AUTHORE, Message.NOT_AUTHORE), response);
    }
}
